Proprietary + Confidential

Google Cloud Architect

Design and Process
Workbook
 Proprietary + Confidential

1a. Defining your case study

Come up with a case study. Then fill in the next slide.

Examples:
● Online Banking Portal
● Ride sharing application (like Uber)
● Online shopping site
● Something else...
 Proprietary + Confidential

1b. [Case Study Name Here]

Brief description:

List a few main features:

List roles of typical users:

 Proprietary + Confidential

2a. Writing user personas

Create two user personas that describe typical users of your application.
Add a new slide for each persona.

Example persona:
Jocelyn is a busy working mom who wants to access MegaCorp Bank to check her account balances
and make sure that there are enough funds to pay for her kids' music and sport lessons. She also uses
the web site to automate payment of bills and see her credit account balances. Jocelyn wants to save
time and money, and she wants a credit card that gives her cash back.
 Proprietary + Confidential

2b. Writing user stories

Create three user stories for the roles you defined earlier.
Create a new slide for each user story.

Example user story:

Balance Inquiry
As a checking account holder, I want to check my available balance at any time of day, so that I am
sure not to overdraw my account.
 Proprietary + Confidential

3. Defining SLIs and SLOs

Based on the requirements of your case study, fill in the table on the next slide with SLOs and SLIs
as shown in the example below.
User story SLO SLI
Balance Inquiry Available 99.95% Fraction of 200 vs 500 HTTP responses
from API endpoint measured per day

Balance Inquiry 95% of requests complete in under 300 ms Time to last byte GET requests measured
every 10 seconds aggregated per minute
 Proprietary + Confidential

3. Defining SLIs and SLOs

Based on the requirements of your case study, fill in the table below with SLOs and SLIs.

User story SLO SLI

 Proprietary + Confidential

4. Design microservices for your application

Draw a diagram on the next slide showing your application's microservices and their connections.
Below is an example.

Accounts
Service
Products
Service

Web Accounts
UI Database
Customer
Service Reporting
Mobile Analytics Service
UI Service
Customer
Database
Auth
Service Data
Warehouse
 Proprietary + Confidential

4. Design microservices for your application

Draw a diagram showing your application's microservices and their connections.
 Proprietary + Confidential

5. Designing REST APIs

Fill in the table on the next slide with your services and their resources and operations as shown in
the example below.
Service name Collections Methods
Account Service transactions list
deposit
withdraw
transfer
 Proprietary + Confidential

5. Designing REST APIs

Fill in the table with your services and their resources and operations.

Service name Collections Methods

 Proprietary + Confidential

6. Defining storage characteristics

On the next slide fill in the required storage features. Below is an example.

Strong or Amount of
Structured or Read only or
Service SQL or NoSQL Eventual Data (MB, GB,
Unstructured Read/Write
Consistency TB, PB, ExB)

Account Service Structured SQL Strong GB Read/Write

 Proprietary + Confidential

6. Defining storage characteristics

Fill in the required storage features.

Strong or Amount of
Structured or Read only or
Service SQL or NoSQL Eventual Data (MB, GB,
Unstructured Read/Write
Consistency TB, PB, ExB)
 Proprietary + Confidential

7. Choosing Google Cloud Storage and Data Services

On the next slide choose the Google Cloud storage products for each service.
Below is an example.

Service
Cloud Cloud Firestore Cloud Cloud BigQuery
Persistent Disk
Storage SQL Bigtable Spanner

Account
X
Service
 Proprietary + Confidential

7. Choosing Google Cloud Storage and Data Services

Choose the Google Cloud storage products for each service.

Service
Cloud Cloud Firestore Cloud Cloud BigQuery
Persistent Disk
Storage SQL Bigtable Spanner
 Proprietary + Confidential

8a. Defining network characteristics for your services

On the next slide fill in the required network features. Below is an example.

Internet facing
Service HTTP TCP UDP Multiregional?
or Internal only

Account Internal only X No

 Proprietary + Confidential

8a. Defining network characteristics for your services

Fill in the required network features.

Internet facing
Service HTTP TCP UDP Multi-Regional?
or Internal only
 Proprietary + Confidential

8b. Select the load balancers for your services

On the next slide choose the Google Cloud load balancer product(s) for each service.
Below is an example.

Service
HTTP TCP UDP

Account X
 Proprietary + Confidential

8b. Select the load balancers for your services

Choose the Google Cloud load balancer product(s) for each service.

Service
HTTP TCP UDP
 Proprietary + Confidential

9. Diagramming your network

On the next slide draw a diagram that depicts how your services will communicate over the network.
Include regions, zones, load balancers, CDN, and DNS if applicable. Below is an example.

Products Accounts
Service Service

Products Accounts
Database Database

UI
HTTPS
Global HTTP Customer
Load Balancer Service

Auth
Service Customer
Database
Third-Party VPC
 Proprietary + Confidential

9. Diagramming your network

Draw a diagram that depicts how your services will communicate over the network. Include regions,
zones, load balancers, CDN, and DNS if applicable.
 Proprietary + Confidential

10. Designing reliable, scalable applications

Even if some service is down, we want the web frontend of our application to be available nearly all the
time. We also want the website to be fast with very low latency to users all over the world. On the next
slide, draw a diagram that depicts how we can achieve this using Google Cloud services. Below is an
example.
us-east-1 us-central-1

us-central1 us-central1-a

us-central1-a Orders Cloud Inventory Analytics

BigQuery
Service SQL Service Service
UI

HTTPS
TCP Load us-central1-b
HTTP Global Balancer
us-central1-b
Load Balancer Orders Inventory Firestore
Failover
UI Service Service

Multi-regional Cloud Storage bucket for backups

 Proprietary + Confidential

10. Designing reliable, scalable applications

Even if some service is down, we want the web frontend of our application to be available nearly all the
time. We also want the website to be fast with very low latency to users all over the world. Draw a
diagram that depicts how we can achieve this using Google Cloud services.
 Proprietary + Confidential

11a. Disaster recovery scenario

You've deployed for high availability by replicating resources in multiple zones. However, to meet
regulatory requirements, you need a plan to recover from a disaster that brings down the entire region.
The current architecture is depicted below. On the next slide, create a plan to bring up your application
in another region if your main region is down. Below is an example.

us-central-1

us-central1-a

Orders Cloud Inventory Analytics

BigQuery
Service SQL Service Service

TCP Load us-central1-b

Balancer
Accounts Products Firestore
Failover
Service Service
 Proprietary + Confidential

11a. Disaster recovery scenario

You've deployed for high availability by replicating resources in multiple zones. However, to meet
regulatory requirements, you need a plan to recover from a disaster that brings down the entire region.
The current architecture is depicted on the previous slide. Create a plan to bring up your application in
another region if your main region is down.
 Proprietary + Confidential

11b. Service disaster recovery scenarios

Write a high-level list of possible scenarios on the next slide. Below is an example.

Recovery Point Recovery Time

Service Scenario Priority
Objective Objective

Ratings Service Programmer deleted 24 hours 1 hour Med

all ratings
accidentally

Orders Service Orders database 0 (can’t lose any 2 minutes High

crashes data)
 Proprietary + Confidential

11b. Service disaster recovery scenarios

Write a high-level list of possible scenarios.

Recovery Point Recovery Time

Service Scenario Priority
Objective Objective
 Proprietary + Confidential

11c. Resource disaster recovery plans

For each scenario, fill in the table on the next slide. Below is an example.

Resource Backup Strategy Backup Location Recovery Procedure

Ratings Database Daily automated backups Multi-Regional Cloud Run Restore Script
Storage Bucket

Orders Database Failover replica plus daily Multi-zone deployment Automated

backups
 Proprietary + Confidential

11c. Resource disaster recovery plans

For each scenario, fill in the table.

Resource Backup Strategy Backup Location Recovery Procedure

 Proprietary + Confidential

12. Modeling secure Google Cloud services

Draw a diagram on the next slide that depicts how you will secure your services. Include firewalls, IAM
roles, service accounts and network resources as appropriate. Below is an example.

Custom VPC

Google Cloud Armor Block Firewall Rules:

denied IPs Allow HTTPS from 0.0.0.0/0
Allow SSH from known sources

HTTPS
Subnets:
HTTP us-central1
Global Load Balancer us-east1
 Proprietary + Confidential

12. Modeling secure Google Cloud services

Draw a diagram that depicts how you will secure your services. Include firewalls, IAM roles, service
accounts and network resources as appropriate.
 Proprietary + Confidential

13. Cost estimating and planning

Use the pricing calculator to determine and record on the next slide the cost of your microservices.
Below is an example.

Service name Google Cloud Resource Cost

Accounts Cloud SQL $574.71/month

 Proprietary + Confidential

13. Cost estimating and planning

Use the pricing calculator to determine and record the cost of your microservices.

Service name Google Cloud Resource Cost